10-03-2024 05:06 PM
Just started looking at Risk Insights to see if it can replace other products, realizing Ubuntu security patches are not discovered correctly.
For example, risk insights is listing this vulnerability as active:
https://ubuntu.com/security/CVE-2023-47038
When running perl -V i see amongst other: "DEBPKG:CVE-2023-47038.patch - [PATCH 1/2] Fix read/write past buffer end: perl-security#140"
Similar results on ALL active vulnerabilities on Ubuntu-systems. Although most isn't shown with running with -V, instead i would do for example this to verify patch status:
zgrep 'upgrade' /var/log/dpkg.log* | grep -i 'perl'
Any ideas how to mitigate this?
10-03-2024 06:16 PM
Hi LukeN,
We should be able to discover this correctly.
Please submit a support ticket so that our development team can investigate further.
Please provide the follow information to expedite the ticket.
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now